[ISN] The Terrorists Are Winning the Cyber War

From: InfoSec News (isnat_private)
Date: Thu Sep 20 2001 - 02:17:26 PDT

    September 19, 2001 
    In the Internet Age, when communications speed across national
    boundaries in nanoseconds, terrorist groups are winning the cyberspace
    battle, say intelligence and security experts.
    Terrorists hide their communications with encryption software. They
    set up Web sites to help raise money for their operations. Computer
    hackers break into U.S. government networks to research possible
    Meanwhile, federal agencies that have spent billions on computer
    surveillance of terrorists and the nations that harbor them continue
    to struggle both with outdated technology and a flood of data to
    process. Last week, former President George Bush criticized the
    nation's intelligence agencies for focusing too heavily on high-tech
    operations, rather than developing human spies in foreign terrorist
    One problem is that America's intelligence agencies are frozen in
    time, said Jeffrey Hunker, until recently a member of the National
    Security Council. The National Security Agency, the largest and most
    secretive spy shop, vividly demonstrates the problem, Hunker and other
    experts say.
    The NSA operates spy satellites and gathers information from radio,
    microwave, television, telephone and Internet signals outside the
    United States. Despite a history of technical prowess that allowed it
    to crack secret codes of dozens of nations, the NSA is falling behind
    America's adversaries, experts say. The NSA "is far more . . .
    resistant to change than most" agencies because of internal power
    struggles, said Stewart Baker, the NSA's general counsel from 1992 to
    Now the agency says it is spending billions of dollars to update aging
    computer networks and cryptographic tools. But experts say the NSA's
    sheer bulk and bureaucracy raise questions about its ability to keep
    up with technology's breakneck pace.
    For three days last year the NSA's entire computer system went down
    because of antiquated, overloaded software linking its vast array of
    computers, listening devices and satellites. Lt. Gen. Michael Hayden,
    NSA's director, said the agency went "brain dead." Fortunately for
    national security, the NSA kept the shutdown secret until the networks
    were up and running again.
    Another problem is that lifetime employment at the agency and
    relatively low pay discourage technologically savvy workers from
    joining, Baker said. The NSA's budget has also been slashed--perhaps
    by one-third--over the past decade. Managers have responded by
    attempting to preserve existing jobs, which led to hiring freezes and
    delays in purchasing new equipment. "Their budgets have tended to
    preserve people over research and technology," Baker said.
    As a result, the NSA has lagged behind trends that have remade
    intelligence gathering, including:
    * Fiber optics: Increasingly, data and voice communication, from phone
      calls routed over the Internet to computer networking transmissions,
      flow on beams of light along fiber-optic cables. Unlike
      eavesdropping on conventional copper phone lines or microwave
      towers, these glass fiber lines must be physically tapped to collect
    * Software encryption: This coding renders computer text messages
      virtually unreadable, except by the intended recipient. It is widely
      available on the Internet.
    The FBI says that Osama bin Laden--accused mastermind of the attacks
    on the World Trade Center and the Pentagon--and other terrorist groups
    routinely encrypt communications.
    Last week, some politicians called for a ban on strong encryption. Too
    late, said Tim Belcher, chief technology officer of Riptech, a
    security firm in Alexandria, Va. "Banning strong encryption would
    prove as ineffective as shutting down Napster," he said.
    * Internet support: Terrorists have become so confident that they
      sponsor Web sites to solicit funds from supporters worldwide. Two
      such Internet-savvy groups, Pakistan-based Harkat Ul Moujahedeen and
      Lebanon's Hezbollah, have been linked to Bin Laden.
    * Information overload: Each day the NSA reportedly captures a greater
      volume of data than is held by the Library of Congress. The FBI has
      attempted a similarly ambitious program, code named Carnivore, to
      collect communications traffic over Internet service provider
      networks. But intelligence agencies have trouble interpreting this
      flood of information. "There aren't enough human beings to look at
      the data," said Bruce Schneier, chief technology officer of
      Counterpane Internet Security, a security consulting company in San
    Despite these problems, there have been some victories against
    terrorism. Hunker credits U.S. spy agencies with thwarting planned
    terrorist actions, which he numbered "in double digits" over the last
    decade. But he concedes that last week's tragedy represents a
    staggering intelligence failure.
    Some politicians have questioned whether laws designed to protect
    civil liberties--which also inhibit investigators from aggressively
    pursuing suspects online--should be changed. For example, agencies
    with the most technology resources, the CIA and the NSA, are
    prohibited from nearly all domestic spying.
    "When the rules were enacted, that was pre fax machine," Baker said.
    "International communications all occurred on [conventional phone]
    circuits and you knew where they started and where they ended. . . .
    We don't live in that world anymore."
    The Bush administration is asking for expanded powers and is adding
    funds to track down terrorism suspects.
    Some FBI antiterrorism agents have strong technology skills, but the
    bureau has only about 200 tech specialists, who must handle the full
    spectrum of cyber crime.
    But resources alone are not the answer, experts say. "People think all
    we need to do is pour $40 billion into counterterrorism and this
    problem will be solved. Wrong," said Hunker, dean of the Heinz School
    of Public Policy Management at Carnegie Mellon University.
    Some say that better cooperation between law enforcement and the
    private sector, or within government agencies, would help more than
    increased domestic surveillance or fatter budgets.
    For Tom Talleur, that point became painfully clear in 1998, when
    computer hackers tapped into a NASA Jet Propulsion Laboratory computer
    in Pasadena and accessed data about the commercial air traffic system.
    "The FAA had to shut down communications for several live flights
    going on at the time," said Talleur, then chief of NASA's cyber-crime
    This intelligence could have told hackers the configuration of GPS
    navigation satellites and allowed them to jam the system during a war,
    he said.
    The hackers were also searching for information on Stealth
    aircraft--where the planes were located and how they operated in
    difficult weather situations--Talleur added. "Why break into a
    classified [Defense Department] system when there is an unclassified
    system at another agency [with] 60%" of the same material? he asked.
    JPL declined to comment.
    Talleur worked for the NASA inspector general's office. But because
    NASA officials did not understand the implications of the hack, they
    refused to allow him to install an "intercept box"--needed to track
    the hackers immediately, Talleur said.
    "By the time they let us do that, a week later, the intruders were
    long gone," he said. Talleur eventually traced the hackers to
    computers in the Persian Gulf area.
    The episode was extreme but is hardly isolated.
    The Defense Department acknowledges hundreds of successful cyber
    attacks on its networks in recent years. The networks of most public
    agencies are replete with such security holes, experts say.
    "Most of the hacks we've seen have been the equivalent of breaking and
    entering," causing limited damage, said Brian Dunphy, who left the
    Defense Department's network security unit last year to work for
    No computer hacker has yet shut down an electrical grid or opened a
    "But our nation's critical infrastructure is both connected to public
    networks and vulnerable," he added. "It's open to terrorists,
    operating from anywhere in the world, with the motivation and skills
    to wreak havoc."
    ISN is currently hosted by Attrition.org